DOCSLIB.ORG

Software Build and Release Management for a Wireless Product with Open Source Tools

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Software Build and Release Management for a Wireless Product with Open Source Tools Jukka Kokko SOFTWARE BUILD AND RELEASE MANAGEMENT FOR A WIRELESS PRODUCT WITH OPEN SOURCE TOOLS SOFTWARE BUILD AND RELEASE MANAGEMENT FOR A WIRELESS PRODUCT WITH OPEN SOURCE TOOLS Jukka Kokko Master’s thesis Autumn 2013 Degree Programme in Information Technology Oulu University of Applied Sciences ABSTRACT Oulu University of Applied Sciences Degree Programme in Information Technology Author: Jukka Kokko Title of thesis: Software Build and Release Management for a Wireless Product with Open Source Tools Supervisor: Markku Rahikainen Term and year when the thesis was submitted: Autumn 2013 Number of pages: 43 The object of this research was to test and select the best open source tools and processes for a project working with a complex wireless device, from a build and release management point of view. Some of the investigations were started on 2005; most of the work has been done during the year 2013 for Elektrobit Wireless Oy. The work consisted of studying and testing out multiple different open source tools used on build and release management process. The studied tools were Git, SVN and Mercurial as software configuration management systems, Bitbake, Yocto, Apache ANT and Apache Maven as build frameworks, Gerrit and Review Board as code review systems and CruiseControl and Jenkins as build automation systems. Also hardware selection, test automation, error and feature management related tools, delivery methods and effects of the project’s development model were considered. The result was a bit mixed as the best combination of tools depends on the project, but for example a project that uses agile methods and does software for a wireless embedded Linux device should use Git as a software configuration management system, Yocto as a build framework, Gerrit as a code review system and Jenkins as a build automation system. This kind of selection was considered to be the best option even if most of the studied applications would have been adequate to use. Keywords: Build management, software configuration management, build framework, code review 3 CONTENTS CONTENTS ................................................................................................................................... 4 TERMS AND ABBREVIATIONS ................................................................................................... 5 PREFACE ...................................................................................................................................... 7 1 INTRODUCTION ................................................................................................................... 8 2 BUILD AND RELEASE MANAGEMENT .............................................................................. 9 3 HARDWARE SELECTION .................................................................................................. 10 3.1 COMPILATION HARDWARE SELECTION .............................................................................. 10 3.2 SUPPORT SYSTEM HARDWARE SELECTION ....................................................................... 11 4 CONFIGURATION MANAGEMENT TOOL SELECTION ................................................... 13 4.1 INTRODUCTION AND REQUIREMENTS ................................................................................ 13 4.2 GIT ............................................................................................................................... 14 4.3 SVN ............................................................................................................................. 17 4.4 MERCURIAL .................................................................................................................... 19 5 BUILD FRAMEWORK SELECTION ................................................................................... 21 5.1 INTRODUCTION AND REQUIREMENTS ................................................................................ 21 5.2 BITBAKE ........................................................................................................................ 22 5.3 YOCTO .......................................................................................................................... 25 5.4 APACHE ANT ................................................................................................................. 26 5.5 APACHE MAVEN ............................................................................................................. 28 6 CODE REVIEW SYSTEM SELECTION .............................................................................. 31 6.1 GERRIT ......................................................................................................................... 31 6.2 REVIEW BOARD .............................................................................................................. 32 7 SELECTION OF THE SUPPORTING TOOLS .................................................................... 34 7.1 INTRODUCTION AND REQUIREMENTS ................................................................................ 34 7.2 BUILD AUTOMATION ........................................................................................................ 34 7.3 TEST AUTOMATION ......................................................................................................... 34 7.4 ERROR AND FEATURE MANAGEMENT RELATED TOOLS ...................................................... 35 7.5 DELIVERY METHODS ....................................................................................................... 35 8 CONCLUSIONS .................................................................................................................. 37 REFERENCES ............................................................................................................................ 39 APPENDICES.............................................................................................................................. 42 4 TERMS AND ABBREVIATIONS Build Framework A set of tools that handles compilation from downloading code to generating an end package for a large amount of code. GSM Global System for Mobile Communications. A standard set to describe protocols for digital cellular networks. Handheld A small wireless telephone using GSM network, also called as a cellular phone. Base station Part of a GSM network, communicates with handhelds. Development The estimated effort that the project will require. effort PC Personal Computer. A general -purpose computer that can be used to write programs. CI Continuous Integration. A development model where all changes are merged together several times a day. RAM Random Access Memory. Memory that can be both red and written. Codebase The source code for software system and/or application. RISC Reduced instruction set computing. A processor design strategy that relies on simple instruction sets. ARM An architecture that describes a family of RISC -based computer processors. SAS Serial Attached Small Computer System Interface. A point -to -point serial protocol for data transfer. Rpm Rotations per minute. The speed of a rotating disk. PCIE Peripheral Component Interconnect Express. A high -speed serial computer expansion bus standard. Bit A basic unit of information in computing. Hertz A basic unit of frequency. SPARC Scalable Processor Architecture. A RISC -based commercial processor family. C# An object -oriented programming language mostly used for Windows specific programs. SCM Software Configuration Management. A system that handles all changes done to the source code in a controlled way. HTTP Hypertext Transfer Protocol. An application protocol commonly used with Internet. SSH Secure Shell. A cryptographic network protocol, used to connect two locations securely over the existing connections. FSFS File System atop the File System. A file system with version control, the current default storage system for SVN. FOSS Free and Open Source Software. Software that can be classified as free and open source. IP Internet Protocol. A communications protocol used in the Internet. 5 LDAP Lightweight Directory Access Protocol. An access protocol for accessing and maintaining distributed directory information services over an IP network. OpenID Open standard Identification system. An authorization system developed to work with co-operating web sites REST API Representational State Transfer Application Protocol Interface. An interface to programmatically communicate via HTTP. SQL Structured Query Language. A special language for managing relational database’s data. NIS Network Information Service. A s erver based authentication system. TTCN Testing and Test Control Notation. A programming language used for testing communication protocols. 6 PREFACE This thesis work was carried out as part of developing a complex wireless device as a build specialist at Elektrobit Wireless Oy. Some parts of the work were also carried out after office hours. The thesis documentation was created after office hours during the year 2013. I would like to thank Timo Torvikoski for enabling the thesis work on behalf of Elektrobit Wireless Oy, Markku Rahikainen for acting as a supervising teacher and Kaija Posio for acting as a language instructor. I would also like to thank my colleagues for the information given during thesis work and especially Vesa Vuohtoniemi for acting as a thesis supervisor. Oulu, Finland, October 2013 Jukka Kokko 7 1 INTRODUCTION The aim of the thesis work was to present tools and processes used on software build and release
Load more

Recommended publications
  • How Bad Can It Git? Characterizing Secret Leakage in Public Github Repositories
    How Bad Can It Git? Characterizing Secret Leakage in Public GitHub Repositories Michael Meli Matthew R. McNiece Bradley Reaves North Carolina State University North Carolina State University North Carolina State University [email protected] Cisco Systems, Inc. [email protected] [email protected] Abstract—GitHub and similar platforms have made public leaked in this way have been exploited before [4], [8], [21], [25], collaborative development of software commonplace. However, a [41], [46]. While this problem is known, it remains unknown to problem arises when this public code must manage authentication what extent secrets are leaked and how attackers can efficiently secrets, such as API keys or cryptographic secrets. These secrets and effectively extract these secrets. must be kept private for security, yet common development practices like adding these secrets to code make accidental leakage In this paper, we present the first comprehensive, longi- frequent. In this paper, we present the first large-scale and tudinal analysis of secret leakage on GitHub. We build and longitudinal analysis of secret leakage on GitHub. We examine evaluate two different approaches for mining secrets: one is able billions of files collected using two complementary approaches: a to discover 99% of newly committed files containing secrets in nearly six-month scan of real-time public GitHub commits and a public snapshot covering 13% of open-source repositories. We real time, while the other leverages a large snapshot covering focus on private key files and 11 high-impact platforms with 13% of all public repositories, some dating to GitHub’s creation. distinctive API key formats. This focus allows us to develop We examine millions of repositories and billions of files to conservative detection techniques that we manually and automat- recover hundreds of thousands of secrets targeting 11 different ically evaluate to ensure accurate results.
    [Show full text]
  • Github Pull Request Review
    Github Pull Request Review Archaic and delegable Pierre prenotifying her longboat reactivating while Hartley reflow some intercross fadelessly. Narratable and thickhydropathic when Pincus Francois emerged reintegrate his timing. her bedchambers filigree or deactivate tamely. Unlearned and chiromantic Bearnard never outmeasuring There is merged soon, optimize this can request review status becomes quite clear based on their code management repositories that we would react to uninstall the pros and By dzone contributors, required for projects have fixed by everyone who can. In this palace, the toolbar will show why green Checks donut, a grey Changes revision, and grey zero counters in the remaining boxes. For this page with each other process, critical security expert from empirical and. Do at production data obtained from visual studio code review so that you if you want you selected, you a pull request that bad practice. Github will see? In github pull request review your first was this. Program readability: procedures versus comments. If any change on changes in progress and effective code coverage changes in that all pull request? Stripe is not have made for other reviewers are. Haacked is a blog about Technology, Software, Management, and fast Source. Even if there is in github or bandwidth costs go read way you can be detected by submitting are changes into new posts in github pull request review time for agility, requiring signed out. Rbac rules and code and more hunting down a nice aspect of incoming pr will update it more merge methods to! Review apps will spend some changes might require a pull reminders for.
    [Show full text]
  • Veni, Vidi, Vici
    Code Review: Veni, ViDI, Vici Yuriy Tymchuk, Andrea Mocci, Michele Lanza REVEAL @ Faculty of Informatics - University of Lugano, Switzerland Abstract—Modern software development sees code review as For example many of them leverage static code analysis a crucial part of the process, because not only does it facilitate techniques, like the ones provided by FindBugs [5], to spot the sharing of knowledge about the system at hand, but it may implementation problems. However, the results from such also lead to the early detection of defects, ultimately improving techniques are poorly integrated in a code review process, as the quality of the produced software. Although supported by we will see later. numerous approaches and tools, code review is still in its infancy, and indeed researchers have pointed out a number of We propose an approach to augment code review by inte- shortcomings in the state of the art. grating software quality evaluation, and more general design We present a critical analysis of the state of the art of code assessment, not only as a first class citizen, but as the core review tools and techniques, extracting a set of desired features concern of code review. Our approach, called Visual Design that code review tools should possess. We then present our vision Inspection (ViDI), uses visualization techniques to drive the and initial implementation of a novel code review approach quality assessment of the reviewed system, exploiting data named Visual Design Inspection (ViDI), illustrated through a set obtained through static code analysis. ViDI enables intuitive of usage scenarios. ViDI is based on a combination of visualization and easy defect fixing, personalized annotations, and review techniques, design heuristics, and static code analysis techniques.
    [Show full text]
  • How to Trust Auto-Generated Code Patches? a Developer Survey And
    How to trust auto-generated code patches? A developer survey and empirical assessment of existing program repair tools Yannic Noller∗ Ridwan Shariffdeen∗ National University of Singapore National University of Singapore Singapore Singapore [email protected] [email protected] Xiang Gao Abhik Roychoudhury National University of Singapore National University of Singapore Singapore Singapore [email protected] [email protected] ABSTRACT works on generating multi-line fixes [12, 29], or on transplanting Automated program repair is an emerging technology that seeks patches from one version to another [37] — to cover various use to automatically rectify bugs and vulnerabilities using learning, cases or scenarios of program repair. search, and semantic analysis. Trust in automatically generated Surprisingly, there is very little literature or systematic study patches is necessary for achieving greater adoption of program from either academia or industry — on the developer trust in pro- repair. Towards this goal, we survey more than 100 software practi- gram repair. In particular, what changes do we need to bring into tioners to understand the artifacts and setups needed to enhance the program repair process so that it becomes viable to have conver- trust in automatically generated patches. Based on the feedback sations on its wide-scale adoption? Part of the gulf in terms of lack from the survey on developer preferences, we quantitatively evalu- of trust comes from a lack of specifications — since the intended ate existing test-suite based program repair tools. We find that they behavior of the program is not formally documented, it is hard to cannot produce high-quality patches within a top-10 ranking and trust that the automatically generated patches meet this intended an acceptable time period of 1 hour.
    [Show full text]
  • Code Review Quality
    Code Review Quality Defining a good code review Overview Introduction: A modern code review process The importance of reviews for QA Strength and weaknesses Tools to make (better) reviews VCS: Git - Keeping track of changes. Gerrit: State of the art for git VCS. Continuous inspection: SonarQube How to define „good“? Factors to assess review quality Case study: How Developers see it Improve Review Quality Current research Defining a good code review 2 What is a modern code review process INTRODUCTION Defining a good code review 3 Introduction A modern review process Defining a good code review 4 Introduction The review value - strengths Coding standards compliance . Code review helps to maintain consistent coding style across the company . Reviews find high level breaches of design rules and consistency issues. Finding subtile bugs and defects early . A person is able to find logical flaws and approach problems, that might be very hard to find with tests. when they are cheap to fix. (Before submitting) Teaching and sharing knowledge . During review team members gain better understanding of the code base and learn from each other Strengthens team cohesion . Review discussions save team members from isolation and bring them closer to each other. Defining a good code review 5 Introduction The review value - weaknesses Highly depends on reviewer's experience and code familiarity . Study showed that the ‘worst’ reviewer can be ten times less effective than the best reviewer. The defect coverage is hard to asses . They might find a lot of different sorts of issues while overlook some potentially serious ones. Has a frustration and conflict potential .
    [Show full text]
  • Bitbucket Require Pull Request Reviews Before Merging
    Bitbucket Require Pull Request Reviews Before Merging Hercule often warehouses misguidedly when childbearing Hunter spin inexactly and alkalinise her sprays. Reinhold is guerilla and spin-drying swiftly as enow Claire imbibing inconvertibly and pictured vanward. Handwrought and bonzer Merrick delays her casemates underlapping while Reilly opaquing some cozener ever. Like overall purpose, especially if the status will use travis ci server running the lingo and require reviews are familiar Okay, so we want to do various reviews of the changes. Bloomberg and jira projects, and the code extension is used as a look at least allow the main address. Connect multiple Jira instances and any other trackers at the flip of a switch. The Bitbucket Deployments extension allows you to deploy rules, rule configs, hooks, connections, database connection scripts, clients, client grants, resource servers, Universal Login pages. If there are problems with my fix, they will be noticed quickly. This message is twice removed from the actual source code, and will only persist as long as you keep using the same host. Apply the easiest way of new pull request view pull requests grouped by your data. Now i want to pull every time using python by different user, for that they need to enter every time username and password. It is most efficient to comment on the line of code in question with the SQL queries so they can give their advice. Better Commit Policy for Bitbucket integrates the Better Commit Policy for Jira app to Bitbucket repositories with a fully native experience. Good ui action items that describe the essential part of projects may be quite frequently done your side tools integrate it attractive to merging pull request bitbucket reviews before.
    [Show full text]
  • Reviewboard Image Guide Reviewboard Stack Components
    ReviewBoard Image Guide Version 2.5.15 Websoft9 ReviewBoard is a pre-configured, ready to run image for running ReviewBoard on Alibaba Cloud. Review Board is an open source, web-based code and document review tool built to help companies, open source projects, and other organizations keep their quality high and their bug count low.Today, it’s a vital part of the development process at thousands of projects and companies, ranging from small startups of two people to enterprises of thousands.Review Board tracks changes to your pending code, graphics, documents, and all discussions around all the decisions made about your product. It shows you exactly how your code was changed, with syntax highlighting, interdiffs, moved line detection, indentation change indicators, and more.You can integrate with Review Board using its rich API and extension frameworks, allowing custom features, review UIs, data analysis, and more to be built without ever having to fork Review Board.There’s support for Bazaar, ClearCase, CVS, Git, Mercurial, Perforce, Plastic, and Team Foundation Server, hosted on your own server or on Assembla, Beanstalk, Bitbucket, Codebase, GitHub, GitLab, Gitorious, Kiln, or Unfuddle. ReviewBoard Stack Components Application Software(ReviewBoard2.5.15) ReviewBoard application directory: /data/wwwroot/reviewboard ReviewBoard configuration file: /data/wwwroot/reviewboard/conf/settings_local.py Application Server(Python 2.7.12,Django 1.6.11,apache2.4,memcached 1.4.25) Apache2 ReviewBoard Configuration: /etc/apache2/sites- available/reviewboard.conf
    [Show full text]
  • Git Pull Request Command Line
    Git Pull Request Command Line Clarence remains cytoid after Ely circularise unfeignedly or relearns any acclimatisers. Basil remains amygdalaceous: she histriumph Wavell her gruntingly. systematism interdigitated too blamefully? Clarance is ideologically legged after cabbalistical Jonathon instate How often be closed when a feature git pull request there are much better for contributing to know if you will make a lot with conflicts Green button at a maintainer will instruct git which you are using the history later. Why you move on as fork, you will be on github public repositories require your branch so you hover over a pull request as contribution. This makes git checkout and reply by someone else and their version control server at which survive history rewriting in random areas where. Vocabulary i have reviewed and can parse raw pcap files and effective way. Use git server set of this authentication process, i should describe alternative tools like review unit specify a git? You attach a successful build validation through five main repository? Close it would not allow users, we set up this, but it creates new branches. Looks plain text editor, which ensures each branch using a line. You have a pull request is a repository url of work in mind that it, leave comments for that remote repository. Examples include code and lines in line only present when you know how hackers are other files and forked repo that pull command. Any of their official repository like issues as draft pull? Merge command line? Comments on lines that. This article is also fork. Git on a line git pull request to commit that.
    [Show full text]
  • Fv3gfs-Wrapper: a Python Wrapper of the FV3GFS Atmospheric Model Jeremy Mcgibbon1, Noah D
    fv3gfs-wrapper: a Python wrapper of the FV3GFS atmospheric model Jeremy McGibbon1, Noah D. Brenowitz1, Mark Cheeseman1, Spencer K. Clark1,2, Johann Dahm1, Eddie Davis1, Oliver D. Elbert1,2, Rhea C. George1, Lucas M. Harris2, Brian Henn1, Anna Kwa1, W. Andre Perkins1, Oliver Watt-Meyer1, Tobias Wicky1, Christopher S. Bretherton1,3, and Oliver Fuhrer1 1Vulcan Inc., Seattle, WA 2Geophysical Fluid Dynamics Laboratory, NOAA, Princeton, NJ 3Department of Atmospheric Sciences, University of Washington, Seattle, WA Correspondence: Jeremy McGibbon ([email protected]) Abstract. Simulation software in geophysics is traditionally written in Fortran or C++ due to the stringent performance re- quirements these codes have to satisfy. As a result, researchers who use high-productivity languages for exploratory work often find these codes hard to understand, hard to modify, and hard to integrate with their analysis tools. fv3gfs-wrapper is an open-source Python-wrapped version of the NOAA (National Oceanic and Atmospheric Administration) FV3GFS (Finite- 5 Volume Cubed Sphere Global Forecasting System) global atmospheric model, which is coded in Fortran. The wrapper provides simple interfaces to progress the Fortran main loop and get or set variables used by the Fortran model. These interfaces enable a wide range of use cases such as modifying the behavior of the model, introducing online analysis code, or saving model variables and reading forcings directly to and from cloud storage. Model performance is identical to the fully-compiled Fortran model, unless routines to copy state in and out of the model are used. This copy overhead is well within an acceptable range of 10 performance, and could be avoided with modifications to the Fortran source code.
    [Show full text]
  • Github-Reviewboard-Sync's Documentation!
    githubreviewboardsyncDocumentation Release 0.1.0 Apptimize - Tim Martin June 03, 2016 Contents 1 Installation 3 2 Usage 5 3 Contributing 7 3.1 Types of Contributions..........................................7 3.2 Get Started!................................................8 3.3 Pull Request Guidelines.........................................8 3.4 Tips....................................................9 4 Credits 11 4.1 Development Lead............................................ 11 4.2 Contributors............................................... 11 5 History 13 5.1 0.1.5 (2016-06-03)............................................ 13 5.2 0.1.4 (2016-05-09)............................................ 13 5.3 0.1.3 (2016-05-06)............................................ 13 5.4 0.1.2 (2016-05-05)............................................ 13 6 github-reviewboard-sync 15 6.1 Overview................................................. 15 6.2 Installation................................................ 15 6.3 Features.................................................. 15 6.4 Credits.................................................. 16 7 Indices and tables 17 i ii githubreviewboardsyncDocumentation; Release0:1:0 Contents: Contents 1 githubreviewboardsyncDocumentation; Release0:1:0 2 Contents CHAPTER 1 Installation At the command line: $ easy_install github-reviewboard-sync Or, if you have virtualenvwrapper installed: $ mkvirtualenv github-reviewboard-sync $ pip install github-reviewboard-sync 3 githubreviewboardsyncDocumentation; Release0:1:0 4 Chapter
    [Show full text]
  • Fedora Infrastructure Best Practices Documentation Release 1.0.0
    Fedora Infrastructure Best Practices Documentation Release 1.0.0 The Fedora Infrastructure Team Sep 09, 2021 Full Table of Contents: 1 Getting Started 3 1.1 Create a Fedora Account.........................................3 1.2 Subscribe to the Mailing List......................................3 1.3 Join IRC.................................................3 1.4 Next Steps................................................4 2 Full Table of Contents 5 2.1 Developer Guide.............................................5 2.2 System Administrator Guide....................................... 28 2.3 (Old) System Administrator Guides................................... 317 3 Indices and tables 335 i ii Fedora Infrastructure Best Practices Documentation, Release 1.0.0 This contains a development and system administration guide for the Fedora Infrastructure team. The development guide covers how to get started with application development as well as application best practices. You will also find several sample projects that serve as demonstrations of these best practices and as an excellent starting point for new projects. The system administration guide covers how to get involved in the system administration side of Fedora Infrastructure as well as the standard operating procedures (SOPs) we use. The source repository for this documentation is maintained here: https://pagure.io/infra-docs Full Table of Contents: 1 Fedora Infrastructure Best Practices Documentation, Release 1.0.0 2 Full Table of Contents: CHAPTER 1 Getting Started Fedora Infrastructure is full of projects that need help. In fact, there is so much work to do, it can be a little over- whelming. This document is intended to help you get ready to contribute to the Fedora Infrastructure. 1.1 Create a Fedora Account The first thing you should do is create a Fedora account.
    [Show full text]
  • Peer Code Review in Open Source Communities Using Reviewboard
    Peer Code Review in Open Source Communities Using ReviewBoard Amiangshu Bosu Jeffrey C. Carver Department of Computer Science Department of Computer Science The University of Alabama The University of Alabama Tuscaloosa, AL Tuscaloosa, AL USA USA [email protected] [email protected] Abstract maintaining the integrity of the code, peer-review helps the community spread knowledge, expertise, and development Peer code review is an effective method to reduce the num- techniques among the review participants [16, 17]. ber of defects and maintain source code integrity. Peer re- views in most of the Open Source Software (OSS) Based upon when the review occurs, there are two types of communities are conducted via mailing list, which are dif- peer-review processes used in OSS communities: 1) Pre- ficult to manage at times. Code review tools aim to ease the commit review: Code is committed to the repository only review process and keep track of the review requests. In after peer(s) have reviewed it and are satisfied with it. This this paper, we describe preliminary results of our study to type of review process is also known as Review-Then- evaluate code review process using a popular open source Commit (RTC). 2) Post-commit review: Code is inspected code review tool (ReviewBoard) in OSS communities. after it is submitted to the repository, usually a develop- Some of our study findings are similar to the findings of ment branch. This type of review process is also known as previous studies on code reviews. In the projects under our Commit-Then-Review (CTR) [6, 14].
    [Show full text]